CVE-2013-4341
published 2013-09-16CVE-2013-4341: Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote…
PriorityP432medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
21.86%
97.3th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moodle | moodle | <= 2.2.11 | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | >= 0 < 2.5.2-1 | 2.5.2-1 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8wf8-rc66-c638: Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2
ghsa_unreviewed·2022-05-03
CVE-2013-4341 [MEDIUM] CWE-79 GHSA-8wf8-rc66-c638: Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
OSV
CVE-2013-4341: Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2
osv·2013-09-16·CVSS 4.3
CVE-2013-4341 [MEDIUM] CVE-2013-4341: Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
No detection rules found.
Exploit-DB
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
exploitdb·2013-09-09
CVE-2013-4341 Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
---
#######################################################################
Ciaran McNally
Application: Moodle
http://download.moodle.org/
Versions: parameter in an
rss feed is vulnerable to javascript injection.
This blog post is viewable by everyone on moodle and you can link to it
directly. Upon clicking the "Link to original blog entry" link, you
get javascript execution.
In moodle the "sesskey" parameter holds the session key used to prevent
csrf, this isn't unique for every form once logged in so many forms can
be submitted using this item. It is available on every page which makes
xss quite dangerous in this case.
#######################################################################
2) The exploit
Using a link value of javascri
Metasploit
Moodle Authenticated Spelling Binary RCE
metasploit
Moodle Authenticated Spelling Binary RCE
Moodle Authenticated Spelling Binary RCE
Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the context of the web application upon spellchecking requests. This module also allows an attacker to leverage another privilege escalation vuln. Using the referenced XSS vuln, an unprivileged authenticated user can steal an admin sesskey and use this to escalate privileges to that of an admin, allowing the module to pop a shell as a previously unprivileged authenticated user. This module was tested against Moodle version 2.5.2 and 2.2.3.
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41623http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.htmlhttps://moodle.org/mod/forum/discuss.php?d=238399http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41623http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.htmlhttps://moodle.org/mod/forum/discuss.php?d=238399
2013-09-16
Published